Ken Goodwin and Richard Biever will present at the 2020 NSF Cybersecurity Summit
By Gregory Moore
Ken Goodwin, director of networking, Pittsburgh Supercomputing Center (PSC), and Richard Biever, Duke University’s chief information security officer and director of identity management, will be presenting Both Sides of the Looking Glass: How Vulnerability Scanning and Honeypots Can Work Together in Proactive Cybersecurity Operations at the upcoming 2020 NSF Cybersecurity Summit for Large Facilities and Cyberinfrastructure hosted by Trusted CI (the NSF Cybersecurity Center of Excellence).
ResearchSOC spoke with Goodwin about the upcoming summit.
ResearchSOC: Give us a preview of what you’re going to be presenting and what you’d like attendees to get out of it.
K.G.: The service offering that PSC brings to ResearchSOC is the Vulnerability Identification Service, or VIS. It scans client IP address spaces. We create an inventory of machines of what operating system they are running, what services they’re running, whether it’s a web server, or a database server. Then we characterize their revision numbers and match that against known exploits or known vulnerabilities and create a list of machines that have known exploits. We then recommend fixes from the vendors and send that list to the client. We also export that back to the OmniSOC.
My goal for this presentation is to highlight some of the power that the ResearchSOC is bringing together and that’s uniting some of this data from all these different sources. You have the VIS service data of what’s there, what’s vulnerable.
You have data from the STINGAR service, too. [See: Richard Biever’s preview.]
The OmniSOC’s role is to see who is twisting doorknobs to see if they are unlocked. The OmniSOC receives all this data as well as alerts from other institutions. The power comes from uniting these data. In security there are a lot of forests, but you must figure out which tree is of particular interest. We do that by combining all these different viewpoints and data sources.
This presentation is to emphasize that point.
ResearchSOC: Tell us a little bit about yourself and your background leading up to your current work.
K.G.: I’m the director of advanced networking at Pittsburgh Supercomputing Center and part of the networking group at PSC. Part of our responsibility is operating a regional network for area colleges and universities – Three Rivers Optical Exchange.
Some number of years ago, how many years ago I don’t recall, we created an add–on service for connectivity for our members which we called security as a service – what I’ll call a lightweight intrusion detection service and the vulnerability identification scanning service for those members that were interested. Many of those members that were interested were small colleges and universities that really didn’t have a security program or even an information security officer. They only had networking staff.
We tried to give them some tools or access to data sources that gave them some visibility into what needed to be done or what was happening. The ResearchSOC really grew out of that.
ResearchSOC: Tell us the goals and benefits of the summit from your personal perspective.
K.G.: Many people that attend the summit are highly experienced security professionals that already have the philosophy that security is important. But one of the things that I look for from the summit is to try to inspire more institutions and professionals to adopt that attitude. I still see a lot of institutions where security is #2 or #3 or even lower concern, whereas it should be much higher.
I would also look at the summit for generating excitement. You get excited when you learn something new or you find out something different, especially during these difficult times when it’s easy to feel downtrodden. Hopefully, the summit will provide some fire for folks.
The Research Security Operations Center (ResearchSOC) is a collaborative security response center that addresses the unique cybersecurity concerns of the research community. ResearchSOC helps make scientific computing resilient to cyberattacks and capable of supporting trustworthy, productive research. For more information on the ResearchSOC, visit our website or email firstname.lastname@example.org.